CVE-2025-40928

CVE-2025-40928: JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

Vendor Mlehmann
Product JSON::XS
Weakness CWE-122
Published September 8, 2025
Last update November 4, 2025

CVSS base score

What the vulnerability does

01Description

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

Key dates

02Disclosure timeline

September 8, 2025 CVE published
November 4, 2025 Record updated